IBM AppScan Source

Discover how AppScan Source works

Stronger, more cost-effective application security solution

AppScan Source identifies security vulnerabilities in source code during the early stages of the application lifecycle. It builds automated security into development by integrating security source code analysis with automated scanning during the build process. The software scans, triages and manages security policies; and prioritizes assignment of results for remediation. It scans more than one million lines of code per hour; and extends analysis to Android and Apple iOS mobile applications.

Reduced time and effort with Intelligent Finding Analytics

With its cognitive IFA capabilities, AppScan Source helps reduce false positives by up to 98%, alleviating the need for security experts to review findings for false positives before sending them to developers. It helps Identify Fix Groups in your code, enabling developers to save time by addressing multiple issues with a single code change. IFA also helps you to perform Delta Analysis Reporting; display scan-to-scan changes and identify new issues that may have been added.

Security best practices through centralized management

AppScan Source defines and enforces consistent policies that can be used throughout the enterprise. It can help enable enterprise-wide metrics and reporting with a centralized policy and assessment database. AppScan Source also provides audit and compliance reports that make it easier to understand application-related threat exposures at the executive level.